Completing cyber security.

How do we complete cyber
security?

ServicesResearchCommunity

Completing cyber security.

TurgenSec addresses two key areas of cyber security and risk management. Supply chain (third party) security and personal data security risk management.

Services

01

Exosystem Monitoring

Specialized for monitoring leaks in third parties that put your company, employees and customers at risk.

01

Learn more

02

Intelligence Acquisition

Looking for data that should be impossible to find?

02

Learn more

03

Data Shadow

A personal cybersecurity platform, which analyses personal data and publicly available OSINT data for security threats.

Learn more

03

Supply Chain (third party) Security.

Exosystem Monitoring

Your supply chain and the third parties you interact with represent an operational risk.

All companies interface with third parties that hold information about them and their customers.  Rigid security and regular testing mean nothing if the third parties you rely upon do not meet the same standard of security.

Case Study

TurgenSec discovered and responsibly disclosed a data breach at a legal software provider affecting over 190 law firms, including three magic circle law firms. 

The law firms put their trust in a service provider to keep their data secure. This provider failed in their task and left a database exposed breaching the law firms and itself. 

If the law firms had on-going exosystem monitoring this breach would have been discovered as soon as it occured, potentially even before the law firms signed up as clients if they used exosystem monitoring as part of their due diligence process on new suppliers. 

High quality due diligence on your supply chain and the third parties you interact with.

Specialized for monitoring leaks in third parties that put your company, employees and customers at risk.

The Service

Monitor data breaches and leaks in your supply chain.

We produce due diligence reports providing you with the information to make informed decisions on new suppliers and ensure the third parties you currently interact with are not breaching your, or your customers and employees information.

Learn more about this service

Personal Data Security Risk Management.

Data Shadow

67% of data breaches are a result of pretexting (Verizon). 

Pretexting is when a malicious organisation or actor uses open source or breached data about your organisation or employees to trick their way into accessing your data or systems. 

Case Study

A good example is when the physical addresses and emails of employees have been breached through an app or service and a malicious actor sends an email pretending to be the breached app or service. 

The malicious actor can provide accurate evidence in the email of information your employees or organisation doesn’t know is breached and be almost impossible to discern from a legitimate email. 

Your people represent the largest, most unpredictable, most attacked component of your operational risk. A disconnect exists between what people think is publicly available about them and reality. 

For as long as this is the case, these individuals will remain susceptible to manipulation, exposing your organization's data and reputation to risk.

A personal cybersecurity platform for high-impact individuals, which analyses personal data and publicly available OSINT (open source intelligence) data for security threats.

The Service

A personal cybersecurity platform for high-impact individuals, which analyses personal data and publicly available OSINT data for security threats.

Our platform searches for security-relevant information that compromises your digital identity across the internet, the dark web, hacker forums, IRC chats, breach records and the personal data stored by corporate giants. The data is analysed and visualised to provide personalised advice or automated controls for minimising your pretextual information attack surface.

Your organisation is only as secure as your people.

Learn more about this serviceEnquire

Make Informed Decisions and Manage Risk.

Intelligence Acquisition

Looking for data that should be impossible to find?

Case Study

Following a data breach disclosure from a company TurgenSec discovered evidence of the data exposed being sold on the deep web. 

TurgenSec was commissioned to produce intelligence reports to profile the actors involved, sellers, buyers and uses of the breached data. This report was used to aid the company in informing their breached customers of the phishing attempts that may be conducted against them. The report aided an internal investigation and also provided information to aid a potential official investigation or pursuing malicious actors for damages.  

TurgenSec tracked two sellers, and seven buyers producing comprehensive reports on the individuals, profiling them and identifying their Government names and addresses. 

TurgenSec gathered evidence of the data being sold through human intelligence interactions and conducted a risk analysis of the past activities of buyers and the likely use of the data. 

The Service

In depth intelligence reports discovering hidden or hard to find information. 

Scope

TurgenSec offers intelligence acquisition on a case-by-case basis to clients.

If you are interested in intelligence services contact us with the scope of intelligence research you are requesting.

TurgenSec offers intelligence acquisition services utilising human intelligence and OSINT data.

Learn more about this service